Hack your first website (legally in a safe environment) and experience an ethical hacker’s job.
THM Room https://tryhackme.com/room/introtooffensivesecurity
TASK 1 : Hacking your first machine
When you’ve transferred money to your account, go back to your bank account page. What is the answer shown on your bank balance page?
The web bank app is :
Demo App
Using gobuster to list the available directories :
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
ubuntu@tryhackme:~/Desktop$ gobuster -u http://fakebank.com -w wordlist.txt
=====================================================
Gobuster v2.0.1 OJ Reeves (@TheColonial)
=====================================================
[+] Mode : dir
[+] Url/Domain : http://fakebank.com/
[+] Threads : 10
[+] Wordlist : wordlist.txt
[+] Status codes : 200,204,301,302,307,403
[+] Timeout : 10s
=====================================================
2022/05/02 17:42:49 Starting gobuster
=====================================================
/images (Status: 301)
/bank-transfer (Status: 200)
=====================================================
2022/05/02 17:42:58 Finished
=====================================================
We found a page for transfer of money :
Bank-transfer
Transfer $2000 tfrom account 2276 to our account (8881) :
Bank-transfer used
Bank-transfer used success
Then checking again our account :
Bank account
Answer : BANK-HACKED
If you were a penetration tester or security consultant, this is an exercise you’d perform for companies to test for vulnerabilities in their web applications; find hidden pages to investigate for vulnerabilities.
No Answer.
Terminate the machine by clicking the red “Terminate” button at the top of the page.
No Answer.
TASK 2 : What is Offensive Security?
Read the above.
No Answer
TASK 3 : Careers in cyber security
Read the above, and continue with the next room!
No Answer.